Method of, and devices for, establishing a signalling connection between a remote user equipment, ue, and a telecommunication network via a relay capable ue

ABSTRACT

A method of establishing a signalling connection between a remote User Equipment, UE, and a telecommunication network via a relay capable UE, wherein said relay capable UE has established user plane connectivity to an intermediate node comprised by said telecommunication network and is arranged for supporting establishment of said connection for said remote UE, said method comprising the steps of receiving a registration message over said user plane forwarded by said relay capable UE and originating from said remote UE for registering said remote UE to said telecommunication network, forwarding said registration message to a Mobility Management Function comprised by said telecommunication network and receiving a registration accept message from said Mobility Management Function for accepting registration of said remote UE to said telecommunication network, and forwarding said registration accept message to said remote UE via said relay capable UE.

RELATED APPLICATIONS

This application is a continuation of U.S. application Ser. No.16/769,520, which is the U.S. National Stage Application ofInternational Application No. PCT/EP2018/085172 filed on Dec. 17, 2018,published in English, which claims priority under 35 U.S.C. § 119 or 365to European Application No. 17207899.0, filed Dec. 18, 2017. The entireteachings of the above applications are incorporated herein byreference.

TECHNICAL FIELD

The present invention is generally related to User Equipment, UE, thatare connected to a telecommunication network via a relay capable UE.More specifically, the invention relates to a method of establishing asignalling connection between a remote UE and the telecommunicationnetwork via a relay capable UE.

BACKGROUND

Telecommunication networks enable User Equipment, UE, to communicatewith each other via one of a number of access nodes and via one or morecore networks. Typically, the UEs are mobile terminals like mobile smartphones, tablets, or anything alike. The term UE may also refer togenerally stationary communication devices, such as laptops, computers,Internet of Things (IoT) devices or anything alike. In the followingdescription the term User Equipment is used, which is intended to coverany of the above identified use cases.

In the context of the present disclosure, a telecommunication networkcomprises the access network, for example the Evolved UMTS TerrestrialRadio Access Network (E-UTRAN), as well as the core network, for examplethe Evolved Packet Core (EPC) network. The access node is typically thenode in the access network to which a UE directly communicates, forexample the Evolved Node B in 4G telecommunication networks, the gNodeBin 5G telecommunication networks, the radio base station or anythingalike.

The last couple of years, proximity-based services, ProSe, have beenintroduced in the telecommunication network for providing additionalfunctionality for a UE. The features of ProSe comprise ProSe discoveryand ProSe Direct Communication.

A ProSe capable UE may perform a ProSe discovery to identifyProSe-enabled UEs in its proximity using the access network and/or thecore network. Direct Communication enables the establishment of a directcommunication connection between ProSe-enabled UEs that are in directcommunication range. The ProSe Direct Communication path could usedifferent radio technologies, for example, E-UTRA or Wi-Fi NeighborhoodAware Networking (Wi-Fi NAN), or anything alike.

ProSe Direct communication enables the use of a ProSe UE-to-Networkrelay, which acts as a relay between the access network and a remote UE.The ProSe UE-to-Network relay entity (relay capable UE) thus providesthe functionality to support connectivity to the telecommunicationnetwork for remote UEs. A UE is considered to be a remote UE for acertain ProSe UE-to-Network relay if it has successfully established adirect communication path to the UE-to-Network relay. A remote UE can belocated within, or outside, the coverage area of the access node.

The ProSe UE-to-Network Relay shall relay traffic, uplink as well asdownlink, between the remote UE and the telecommunication network. TheProSe UE-to-Network Relay provides generic functions that can relay anyInternet Protocol (IP) traffic, packet switched traffic, or other typesof packet-based transport services. Here, one-to-one DirectCommunication is used between remote UEs and the ProSe UE-to-NetworkRelays for relaying the traffic.

The establishment of a relayed connection can be done using mechanismsfor discovery and link setup specified in 3GPP's Proximity Services.However, in order to use these mechanisms, the ProSe Function, asspecified in 3GPP TS 23.303, in the network needs to authorize the UEusing the service and the network needs to configure and control the useof radio resources for the link between the remote UE and the relaycapable UE. Service authorization is performed via a direct access tothe network over the PC3 interface. The configuration of radio resourcesto use is also performed via a direct access over the PC3 interface tothe network in case of Public Safety usage when the remote UE is notserved by an access network, i.e. when it has no connection to thetelecommunication network.

The above implies that the remote UE needs to have had a previousconnection to the network before the establishment of the relayingconnection, i.e. it needs to already be registered or attached to thetelecommunication network. If the remote UE hasn't had any contact withthe access network previously, or it doesn't have a connection to theaccess network, it is currently not possible to establish a relayedconnection.

In short, it is presently a drawback that remote UEs need to have, orhave had, a previous direct connection to the access network in order toestablish the relayed connection via the relay capable UE.

SUMMARY

It is an objective to provide for methods of establishing a signallingconnection between a remote UE and a telecommunication network via arelay capable UE.

It is another objective to provide for devices for supportingestablishment of a connection between a remote UE and atelecommunication network via a relay capable UE.

In a first aspect there is provided a method of establishing asignalling connection between a remote UE and a telecommunicationnetwork via a relay capable UE, wherein said relay capable UE hasestablished user plane connectivity to an intermediate node comprised bysaid telecommunication network and is arranged for supportingestablishment of said connection for said remote UE.

The method comprises the steps of receiving a registration message oversaid user plane forwarded by said relay capable UE and originating fromsaid remote UE for registering said remote UE to said telecommunicationnetwork, forwarding said registration message to a Mobility ManagementFunction comprised by said telecommunication network, receiving aregistration accept message from said Mobility Management Function foraccepting registration of said remote UE to said telecommunicationnetwork, and forwarding said registration accept message to said remoteUE via said relay capable UE.

The present disclosure is directed to the introduction of anintermediate node in the telecommunication network, wherein a user planeconnection between the relay capable UE and the intermediate node can beestablished. That particular user plane connection is used for conveyingthe registration message which originates from the remote UE.

Typically, a user plane connection is used for handling user trafficlike voice and/or data, and a control plane connection handles theactual signalling, i.e. control messages, between nodes in thetelecommunication network. In the present disclosure, it is the userplane connection that is associated with the relay capable UE that isactually used for signalling purposes.

The advantage of the above is that the remote UE does no longer need aninitial, direct, connection to the telecommunication network beforeestablishing a relayed connection, via the relay capable UE, to thetelecommunication network. More specifically, the registration messagefor registering, or attaching, the remote UE to the telecommunicationnetwork may be routed to the telecommunication network via the relaycapable UE. As such, an initial direct connection between the remote UEand the access network becomes superfluous.

According to the present disclosure, an intermediate node is introducedfor supporting the establishment of a relayed connection between theremote UE and the telecommunication network. The intermediate node isable to support a user plane connection between the relay capable UE anditself.

It is noted that for a non-relayed connection, the access node, forexample a 4G eNodeB or a 5G gNB, forwards the registration message viathe control plane directly to the Mobility Management Function, forexample the 4G Mobility Management Entity (MME) or the 5G Access andMobility Management Function (AMF). The intermediate node is introducedsuch that a user plane connection with the relay capable UE and acontrol plane connection to the Mobility Management Function can beestablished. The intermediate node may then receive the registrationmessage from the remote UE via the user plane connection to the relaycapable UE, and may forward the registration message to the MobilityManagement Function using the control plane.

The intermediate node may be considered a proxy node which receives andrelays signalling messages between the remote UE and the MobilityManagement Function. Such an intermediate node may be considered adevice-to-device functionality node. It may also perform its own accessauthorization procedures in order to verify whether the remote UE isallowed to be registered to the network.

The functionality of the intermediate node may also be implemented innodes already existing in the telecommunication network, for example aPacket Data Network Gateway (P-GW) node, a 5G User Plane Function (UPF),an evolved Packet Data Gateway node, a Trusted Wireless Access Gateway,a ProSe function or a Non-3GPP Interworking Function.

The Mobility Management Function may be a Mobility Management Entity(MME) node in fourth Generation (4G) telecommunication networks or anAccess and Mobility Management Function (AMF) node in fifth Generation(5G) telecommunication networks.

In order to discover the relay capable UE, the remote UE may perform aProSe discovery method. The present disclosure is especially suitablefor situations in which the remote UE discovers the relay capable UEusing particular types of radio resources, like WiFi or WiFiNeighborhood Area Network (Wi-Fi NAN). In such situations, the remote UEmay not have, or at least may not need, a direct connection with theaccess network. In such case, the remote UE is still able to establish aconnection to the telecommunication network by using the relay capableUE for forwarding the registration message. The present disclosure mayalso apply to any future 5G version of direct device-to-device discoveryand communication.

In an embodiment, said registration message comprises an identificationof an identity of said remote UE, wherein said method further comprisesthe step of translating said identification of said identity of saidremote UE to said identity of said remote UE and inserting said identityof said remote UE into said registration message to be forwarded to saidMobility Management Function.

It was found that the registration message that is sent from the remoteUE via the relay capable UE to the telecommunication network maycomprise sensitive information. One of the risks involved in a relayingconcept is that the relay capable UE is able to intercept such sensitiveinformation from the registration message. Such sensitive informationis, for example, the permanent identity of the remote UE such as theInternational Mobile Subscription Identifier (IMSI).

In order to overcome such potential risks, a temporary identification ofthe identity of the remote UE may be introduced. Such an identificationis, for example, a token which uniquely refers to the specific identityof the remote UE. In such a case, it is no longer needed to include thespecific permanent identity of the remote UE, i.e. the IMSI, in theregistration message. It is sufficient to include the temporaryidentification of the identity of the remote UE in the registrationmessage.

Here, the intermediate node should be able to translate the temporaryidentification of the identity of the remote UE into the identity of theremote UE itself. This can be accomplished in several ways.

As a first option, the remote UE may, previously, connect to theintermediate node via another network, i.e. not via the relay capableUE, to retrieve or generate the identification of the identity of theremote UE. The remote UE may, for example, send its identity to theintermediate node, and the intermediate node may generate and provide anidentification of the identity of the remote UE back to the remote UEagain. In a subsequent registration message, the remote UE may simplyuse the identification of the identity of the remote UE as theidentification can be translated, by the intermediate node, back to theidentity of the remote UE itself.

As a second option, a user may manually provision the identity of theremote UE in the intermediate node. The intermediate node may thengenerate the identification of the identity of the remote UE. The usermay then, subsequently, provision that particular identification in theremote UE.

The advantage of the above is that the relay capable UE is not able totranslate the identification of the identity of the remote UE to theactual identity of the remote UE, thereby improving the security andsafety aspects of the signalling mechanism.

In an embodiment, said method comprises an initial step of establishinga secure connection between said remote UE and said intermediate nodeover said relay capable UE.

As mentioned above, there may be a potential security risk in that therelay capable UE may be able to intercept sensitive information which isincluded in the registration message.

As an alternative, or as an addition to the solution provided above, asecure connection between the remote UE and the intermediate node overthe relay capable UE may be established initially. Such a secureconnection may then be used for conveying the registration message.

Such a secure connection may be based on Transport Layer Security (TLS)IPSec associations, or anything alike.

The advantage of the above is that the relay capable UE is not able tointercept the registration message, as the message is being conveyedover a secure connection between the remote UE and the intermediatenode.

In a further embodiment, said method comprises the steps of receiving,by said remote UE, from said relay capable UE, a tracking areaidentification for indicating a tracking area of said relay capable UEand inserting, by said remote UE, said tracking area identification insaid registration message.

The tracking area identification is, for example, the Tracking AreaCode, the Routing Area Identification or the Location AreaIdentification.

The tracking area identification may be requested by transmitting, bythe remote UE towards the relay capable UE, a Cell ID AnnouncementRequest as, for example, specified in TS 23.303 clause 5.4.4.5. Therelay capable UE will then respond with a Cell ID Announcement Responsemessage, which Response message comprises a Tracking Area Code.

The tracking area identification may, alternatively, be inserted in theregistration message by the relay capable UE. That is, the remote UE maysend the registration message directly to the relay capable UE, and therelay capable UE may insert its tracking area identification in thatparticular message before forwarding the registration message to theintermediate node.

The advantage of adding the tracking area identification is that theMobility Management Function is made aware of the area, i.e. location,of the remote UE within the telecommunication network. As such, theMobility Management Function is able to “find” the remote UE in thetelecommunication network by using the tracking area identification andis therefore especially useful for situations in which traffic isheading towards the remote UE, i.e. in the downlink situation.

In another embodiment, said method further comprises the step ofconveying subsequent signalling messages between said remote UE and saidMobility Management Function using said established signallingconnection by transmitting said subsequent signalling messages over acontrol plane between said relay capable UE and said Mobility ManagementFunction. Subsequent messages between the remote UE and the MobilityManagement Function do no longer need to be transferred over the userplane between the relay capable UE and the intermediate node once thesignalling connection for the remote UE has been established.

These subsequent messages may then be transmitted over a control planebetween the relay capable UE and the Mobility Management Function.

The advantage of the above-described embodiment is that a moreconventional connection between the remote UE and the MobilityManagement Function may be utilized for transferring the subsequentsignalling messages for, for example, session management or mobilitymanagement. According to the present disclosure, messages related to theinitial registration of the remote UE are conveyed over the user planeconnection of the relay capable UE. Subsequent messages from, or to, theremote UE may use a conventional signalling path, and thus will nottravel over the user plane.

In an example, the relay capable UE may have a user plane connection tothe intermediate node via non-3GPP access like Wi-Fi, Bluetooth, or afixed connection. A user plane connection may also be plain IPconnectivity, or another type of point-to-point connectivity like Pointto Point Tunnelling Protocol or Generic Routing Encapsulation tunnels, anon-IP Public Data Network, PDN, connection, a PDN connection with CIoTControl Plane Optimization as specified in TS 23.401 clause 5.3.4B, oranything alike. The benefit of this is supporting relaying via differentaccess networks, especially since the 5G core network architecture isenvisioned to support access via many different access networktechnologies.

In a second aspect of the present disclosure, there is provided anintermediate node arranged for supporting establishment of a signallingconnection between a remote UE and a telecommunication network via arelay capable UE, wherein said intermediate node is arranged for havinguser plane connectivity between said relay capable UE and saidintermediate node, said intermediate node comprising a receiver, atransmitter, and at least one processor configured to use said receiverfor receiving a registration message over a user plane, whichregistration message is forwarded by said relay capable UE andoriginating from said remote UE for registering said remote UE to saidtelecommunication network, use said transmitter for forwarding saidregistration message to a Mobility Management Function comprised by saidtelecommunication network, use said receiver for receiving aregistration accept message from said mobility Management Function foraccepting registration of said remote UE to said telecommunicationnetwork, and use said transmitter for forwarding said registrationaccept message to said remote UE via said relay capable UE.

The expressions, i.e. the wording, of the different aspects comprised bythe method and devices according to the present disclosure should not betaken literally. The wording of the aspects is merely chosen toaccurately express the rationale behind the actual functioning of theaspects.

In accordance with the present disclosure, different aspects applicableto the above-mentioned examples of the methods in a first aspect of theinvention, including the advantages thereof, correspond to the aspectswhich are applicable to methods of the second aspect or the third aspectof the invention.

As mentioned above, the intermediate node may be any of a Packet DataNetwork Gateway (P-GW) node, a ProSe function, a User Plane Function(UPF), an evolved Packet Data Gateway node, non-3GPP InterWorkingFunction, N3IWF, or a Trusted Wireless Access Gateway.

It was found that an intermediate node, i.e. a node between the MobilityManagement Function and the relay capable UE, may be utilized, becausethe relay capable UE may need to transmit the registration message overa user plane. Typically, it may not be possible to transfer theregistration message directly from the relay capable UE to the MobilityManagement Function as the Mobility Management Function may not supportthat particular functionality.

The intermediate node may then function as a node that is capable ofhaving user plane connectivity towards the relay capable UE, and that iscapable of interacting with the Mobility Management Function.

In an embodiment, said registration message comprises an identificationof an identity of said remote UE, wherein said at least one processor isfurther arranged for translating said identification of said identity ofsaid remote UE to said identity of said remote UE, and for insertingsaid identity of said remote UE in said registration message to beforwarded to said Mobility Management Function.

In an embodiment, said at least one processor is further arranged forestablishing a secure connection between said remote UE and saidintermediate node over said relay capable UE.

In a third aspect, there is provided a remote UE arranged forestablishing a signalling connection to a telecommunication network viaa relay capable UE, said remote UE comprising a receiver, a transmitter,and at least one processor configured to discover said relay capable UEand to establish a direct connection to said relay capable UE, to usesaid transmitter for transmitting a registration message to saidintermediate node, via said relay capable UE, for registering saidremote UE in said telecommunication network, to use said receiver forreceiving an registration accept message for accepting registration ofsaid remote UE to said telecommunication network.

The remote UE does not need to have its own, direct, connection to thetelecommunication network. That is, the remote UE does not need to beconnected to an access network.

The registration message is sent by the remote UE directly to the relaycapable UE, even if the remote UE was to be connected to thetelecommunication network. The registration message may be sent usingWi-Fi technology, Bluetooth technology, Zigbee technology, Long TermEvolution (LTE) direct technology, future 5G direct radio technology, oranything alike.

The present disclosure may be applicable for different types oftelecommunication network, like the fourth Generation (4G)telecommunication network and the fifth Generation (5G)telecommunication network. For example, in some parts of the presentdisclosure there is referred to the evolved node B (eNB) which is knownin 4G telecommunication networks as the access node for a UE. A samereasoning may be valid for the gNodeB (next Generation Node B, gNB) in5G telecommunication networks. Similarly, the Mobility ManagementFunction may be referred to as a Mobility Management Entity (MME) in 4Gtelecommunication networks and/or an Access and Mobility ManagementFunction (AMF) in 5G telecommunication networks. Further, the Packetgateway (P-GW) and Serving gateway (S-GW) in 4G telecommunicationnetworks may be referred to as User Plane Function (UPF) in 5Gtelecommunication networks.

As such, the registration message may be an attach request message or aregistration request message or anything like.

In an embodiment, the at least one processor is further configured toinsert, in said registration message, an identification of said identityof said remote UE, which identification translates to an identity ofsaid remote UE.

In an embodiment, the at least one processor is further configured forestablishing a secure connection between said remote UE and saidintermediate node over said relay capable UE.

In an embodiment, the at least one processor is further configured touse said receiver for receiving, from said relay capable UE, a trackingarea identification for indicating a tracking area of said relay capableUE, and insert said tracking area identification in said registrationmessage.

In a fourth aspect, there is provided a relay capable UE for acting as arelay for a remote UE towards a telecommunication network, said relaycapable UE comprising a receiver, a transmitter, and at least oneprocessor configured to establish a direct connection to said remote UE,to use said receiver for receiving a signalling message from said remoteUE, wherein said signalling message is intended for a MobilityManagement Function comprised by said telecommunication network, todetermine that said signalling message is to be transmitted to anintermediate node in said telecommunication network over a user planeassociated with said relay capable UE, and to use said transmitter fortransmitting said signalling message over said user plane to saidintermediate node.

The relay capable UE is arranged to determine that a signalling messagereceived from the remote UE is to be transmitted to the intermediatenode in the telecommunication network over a user plane.

For example, a registration message, being a specific signallingmessage, originating from the remote UE is to be transmitted over theuser plane as that particular message is intended to establish asignalling connection between the Mobility Management Function and theremote UE.

Subsequent signalling messages, sent from the remote UE to the relaycapable UE, may be transmitted over a control plane between the relaycapable UE and the Mobility Management Function once the signallingconnection has been established.

The relay capable UE may, for example, determine the specific type ofsignalling message that it received from the remote UE. A registrationmessage may be sent to the intermediate node over the user plane and anyother signalling message may be sent directly to the Mobility ManagementFunction over the control plane.

In a fifth aspect, there is provided a non-transitory computer-readablestorage medium, comprising instructions which, when executed on at leastone processor, cause the at least one processor to carry out the methodaccording to any of methods as disclosed above.

Any type of computer readable storage medium may be utilized. Thecomputer readable storage medium may be, for example, but not limitedto, an electronic, magnetic, optical, electromagnetic, infrared, orsemiconductor system, apparatus, or device, or any suitable combinationof the foregoing. More specific examples of the computer readablestorage medium would include the following: an electrical connectionhaving one or more wires, a portable computer diskette, a hard disk, arandom access memory, RAM, a read-only memory, ROM, an erasableprogrammable read-only memory, a portable compact disc read-only memory,an optical storage device, a magnetic storage device, or any suitablecombination of the foregoing.

In a sixth aspect, there is provided a telecommunication network forsupporting establishment of a direct connection between a remote UE andsaid telecommunication network via a relay capable UE, wherein saidrelay capable UE has established user plane connectivity to anintermediate node comprised by said telecommunication network and isarranged for supporting establishment of said direct connection for saidremote UE, said telecommunication network comprising an intermediatenode in accordance with any of the examples as provided above.

The above-mentioned and other features and advantages of the disclosurewill be best understood from the following description referring to theattached drawings. In the drawings, like reference numerals denoteidentical parts or parts performing an identical or comparable functionor operation.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 shows a signalling diagram in which a remote User Equipment, UE,requests registration in the telecommunication network via a relaycapable UE.

FIG. 2 shows another signalling diagram in which the remote UE requestsregistration in the telecommunication network via the relay capable UE.

FIG. 3 shows a signalling diagram in which two methods of retrieving anidentification of an identity of said remote UE are disclosed.

FIG. 4 shows a flow diagram illustrating an example of method stepsperformed in accordance with the present disclosure.

DETAILED DESCRIPTION

It is noted that aspects that have the same, or similar, meaning acrossthe figures have been referenced with the same reference numeral toincrease the readability.

FIG. 1 shows a signalling diagram 1 in which a remote User Equipment,UE, 2 requests registration in the telecommunication network via a relaycapable UE 3, in accordance with an embodiment of the present invention.

As mentioned in the background section, a method for establishing arelayed connection for a remote UE is already known in the art. Such amethod requires the network to first authorize the remote UE and thenetwork needs to configure and control the use of radio resources forthe link between the Remote UE and the Relay capable UE.

One of the disadvantages of the above-described known method is that theremote UE needs to have had a previous connection to the network beforeinitiating establishment of a relayed connection.

The signalling diagram 1 shown in FIG. 1 depicts a method in which arelayed connection for a remote UE 2 can be established, without theneed for the remote UE 2 to have had a previous connection to thenetwork. The corresponding method steps are elucidated in more detailhereafter.

First, the remote UE 2 may initiate a device-to-device proximitydiscovery procedure 7 using WiFi Aware, or other types of proximitydiscovery procedures, to find and setup a direct connection to the relaycapable UE 3.

Second, the remote UE 2 may transmit a registration message 8 to anintermediate node 5, via said relay capable UE 3 over said establisheddirect connection, for registering said remote UE 2 in saidtelecommunication network.

The intermediate node 5 is arranged to exchange messages with the relaycapable UE 3 over a user plane 12, and is arranged to exchange messageswith a Mobility Management Function 6 over a control plane. As such, theintermediate node 5 may act as a proxy for the signalling messagesexchanged between the remote UE 2 and the Mobility Management Function6. The relay capable UE 3, thus, has established user plane connectivityto the intermediate node 5, and the registration message 8 is forwarded,by the relay capable UE 3, over the user plane, to the intermediate node5.

Third, the intermediate node 5 may forward the registration message 9 tothe core network of the telecommunication network, more specifically toa Mobility Management Function comprised by the telecommunicationnetwork.

Fourth, the Mobility Management Function may transmit a registrationaccept message 10 to the intermediate node 5 for accepting registrationof the remote UE 2 to the telecommunication network.

Fifth, the intermediate 5 node may forward the registration acceptmessage 11 to the remote UE 2 via the relay capable UE 3.

The inventors have found that a previous, direct, connection of theremote UE 2 to the telecommunication network is no longer required incase the user plane connectivity 12 of the relay capable UE 3 to theintermediate node 5 is utilized for conveying the registration messageoriginating from the remote UE 2.

The presented method has the advantage that the remote UE 2 does notneed to have had a previous connection to the network. This, however,does not mean that the presented method is excluded for remote UEs thathave had a previous connection to the network.

Further, it is noted that the presented method enables the use of othertypes of discovery procedures 7 for the remote UE 2. Some radioresources, like WiFi, WiFi NAN, or the like, do not need a previousconnection from the remote UE 2 to the core network. Using suchtechnologies, a direct connection between the remote UE 2 and the relaycapable UE 3 may be established without contacting the access network orthe core network. As such, the presented method is especiallyadvantageous when considering non-3GPP radio technologies for discoveryand communication between the remote UE 2 and the relay capable UE 3.

The telecommunication network may comprise a core network and an accessnetwork for obtaining access to the core network. The telecommunicationnetwork may be based on a fourth Generation network, wherein the corenetwork is the Evolved Packet Core, EPC, and wherein the access networkis the Evolved UMTS Terrestrial Radio Access Network, E-UTRAN. Inanother option, the telecommunication network may be based on a fifthGeneration network, wherein the core network is the 5G Core network,5GCN, and wherein the access network is the 5G Access Network, 5GAN, andwherein the access node is the gNB.

In the present scenario, it is assumed that the relay capable UE 3 mayalready be registered in the telecommunication network and may have anactive Public Data Network, PDN, connection. The relay capable UE 3 maybe connected to the core network via an access node 4, for example theEvolved Node B, eNB 4.

The present disclosure describes a method of establishing a relayedconnection between the remote UE 2 and the telecommunication network,wherein the remote UE 2 sends a registration message 8 for registeringthe remote UE 2 in the telecommunication network. It is noted that sucha registration message may be based on an attach request message asknown in the art.

It was found that the introduction of an intermediate node 5 isbeneficial as, typically, the Mobility Management Function 6 doestypically not support end-to-end user plane connectivity. As such, theregistration message may be sent, by the relay capable UE 3, over a userplane connection 12, for example a Transmission Control Protocol, TCP,session, to the intermediate node 5, and the intermediate node 5 mayforward 9 the registration message over a control plane to the MobilityManagement Function 6.

As mentioned previously, one of the intrinsic issues with using a relaycapable UE 3 is that the relay capable UE 3 may intercept any messagesexchanged between the remote UE 2 and the telecommunication network. Atleast two scenarios were found to mitigate the risk that the relaycapable UE can intercept, and interpret particular content of themessages exchanged.

As a first option, it was found to establish a secure connection betweenthe remote UE 2 and the intermediate node 5, which is explained in moredetail with reference to the signalling diagram 21 shown in FIG. 2 .

Here, the communication flows between the remote UE 2 and thetelecommunication network are the same as the communication flows asdepicted in FIG. 1 . The difference is that, first, a securityassociation 13 is established between the remote UE 2 and theintermediate node 5, via the relay capable UE 3, before the registrationmessage is sent by the remote UE 2. The registration message is thensent over the established secure connection 13. The secure connection 13may represent a secure tunnel between the remote UE 2 and theintermediate node 5. The relay capable UE 3 may forward any IP packetsbelonging to this secure tunnel, via the user plane 12, to theintermediate node 5.

The secure connection 13 between the remote UE 2 and the intermediatenode 5 may be established using known mechanisms like Internet ProtocolSecurity, IPSec, Transport Layer Security, TLS, or anything alike.

The registration message may then comprise the identity of the remoteUE, e.g. the IMSI, or any other sensitive information, as the message issent over the secure connection such that the relay capable UE 3 is notable to intercept the message and view its content.

FIG. 3 shows signalling diagrams 31 directed to a second option. Thesecond option may have two different implementations. A firstimplementation is indicated with reference numeral 32. A secondimplementation is indicated with reference numeral 33.

The generic idea of the second option is to include an identification ofan identity of said remote UE 2, e.g. an access token, by the remote UEin the registration message. In such a case, the intermediate node 5should be able to translate the identification of the identity of theremote UE 2, i.e. the access token, to the identity of the remote UE 2itself. The access token may thus translate into an identity, e.g. theInternational Mobile Subscriber Identity, IMSI, of the remote UE 2.

The intermediate node 5 may then need to be aware of the specifictranslations.

Using an access token as explained above, the relay capable UE 3 maystill be able to intercept and view the content of the messagesexchanged between the remote UE 2 and the telecommunication network, butthe relay capable UE 3 is not able to retrieve any sensitiveinformation. More specifically, the relay capable UE 3 is not able toretrieve the IMSI as the IMSI is not part of the registration message.The relay capable UE 3 is not able to translate the identification ofthe identity of the remote UE 2, i.e. the access token, to the IMSI asthe relay capable UE 3 is not aware of how to perform such translations.

The first implementation 32 assumes that the remote UE 2 is able tocontact the intermediate node 5 via any type of access network. Theremote UE 2 may, for example, have a regular, direct, connection to thecore network via an E-UTRAN, or may connect to the core network in anyother way.

In a first step 42, a secure connection may be established between theremote UE 2 and the intermediate node 5. The secure connection 42 isused for transmitting 35 a token request message for requesting anaccess token, i.e. an identification of the identity of the remote UE 2,that translates into the identity of the remote UE 2.

Upon receipt of the token request message, the intermediate node 5 mayfetch 37 the subscription details, i.e. the IMSI, from a Home SubscriberServer, HSS 34.

The intermediate node 5 may then generate an access token 36 based onthe IMSI that it received from the HSS 34, and the access token is thentransmitted 38, over the secure connection, towards the remote UE 2. Theremote UE 2 may then store the access token 36, for example until itlater needs to perform a registration via a relay capable UE. The remoteUE 2 is then able to incorporate the access token in the registrationmessage as the intermediate node 5 is able to translate the access tokento the IMSI of the remote UE 2.

The second implementation 33 assumes that a user provisions the accesstoken manually. That is, a subscription identifier, for example theIMSI, the Integrated Circuit Card Identifier, ICCID, or ausername/password combination, for the remote UE 2 may be provisioned 39directly into the intermediate node 5, for example via a web interfaceor anything alike. The intermediate node 5 may then fetch 37subscription details from a HSS 34 based on the received subscriptionidentifier, and may generate 40 an access token based on the detailsreceived.

Finally, the generated 40 access token is displayed to the user, and theuser may provision 41, for example store, the access token directly inthe remote UE 2.

FIG. 4 shows a flow diagram illustrating an example 51 of method stepsperformed in accordance with the present disclosure. The method stepsare elucidated in more detail hereafter.

The remote UE 2 may initiate a device-to-device proximity discoveryprocedure 7 using WiFi Aware, or other types of proximity discoveryprocedures, to find and setup a connection to the relay capable UE 3.The relay capable UE 3 may be connected to an access node 4 foraccessing the core network of the telecommunication network. The accessnode 4 may, for example, be the Evolved Node B, eNB 4.

One possibility is to use ProSe Discovery and One-to-one connectionsetup as is specified in 3GPP TS 23.303. Once completed, the remote UE 2may initiate a Cell ID Announcement Request also as specified in TS23.303. With the Cell ID Announcement Response message, the relaycapable UE 3 may inform the Remote UE 2 about the tracking areaidentification, for example the Tracking Area Code, TAC, and/or EUTRANCell Global ID it is connected to.

The Remote UE 2 may then send a registration message 52, for example anattach request, to the intermediate node 5, for example a ProSeFunction, for requesting registration in the telecommunication network.This message may include the identification of the identity of theremote UE 2 provisioned manually or retrieved from the ProSe Function,as explained with respect to FIG. 3 . The message is sent via the relaycapable UE's user plane.

The intermediate node 5 may find 61 the UE context based on the receivedidentification of the identity of the remote UE 2, and may obtain theIMSI using the identification of the identity of the remote UE 2 presentin the registration message 52. Further, the intermediate node 5 mayperform ProSe service authorization for the remote UE 2.

The intermediate node 5 may forward the registration message 53 to theMobility Management Function 6, for example the Mobility ManagementEntity or the Access and Mobility management function, including theobtained IMSI. Such a registration message 53, for example an attachmessage, may be based on the attach cases as defined in TS 23.401,wherein, additionally, the attach type may be set to “relayed” andwherein the message comprises the tracking area identification.

The authentication and key agreement may be performed 54, 55 in the sameway as during a regular attach procedure as defined in TS 23.401. Thedifference may be that corresponding messages are sent via theintermediate node 5 in both directions.

The Non Access Stratum, NAS, Security Mode procedure may also beperformed 56, 57 in the same way as during the regular attach proceduredefined in TS 23.401. Again, the difference is that correspondingmessages are sent via the intermediate node 5 in both directions.

The Mobility Management Function 6 may initiate 62 a new sessioncreation towards a Serving Gateway, SGW, as defined in TS 23.401.However, based on the attach type being “relayed”, the MobilityManagement Function 6 may not initiate a context setup towards the radioaccess network as in the conventional attach procedure. The remote UE 2may thus remain in ECM-IDLE state.

The Mobility Management Function 6 may accept the registration requestby sending 58 an attach accept message to the intermediate node 5, whichattach accept message may include a new identifier for identifying theremote user equipment 2 to the telecommunication network, for example aGlobally Unique Temporary ID, GUTI.

The intermediate node 5 may then generate 63 a new identification of theidentity of the remote UE 2, which may be used in a subsequent attachprocedure and, and may send 59 an attach accept message to the remote UE2 including its new identification and new GUTI. It is also possiblethat the intermediate node 5 does not generate a new identification inevery remote attach procedure, but after several procedures. It is alsopossible that the identification is updated in time intervals.

The remote UE 2 may complete the establishment of a corresponding NASsignalling context and may finish the procedure by sending 60 an attachcomplete message to the Mobility Management Function 6, via theintermediate node 5.

In case the remote UE 2 needs user plane connectivity, it may initiate64 a NAS Service Request to the Mobility Management Function via thecontrol plane, through the relay capable UE 3 and its serving accessnode 4.

Other variations to the disclosed embodiments can be understood andeffected by those skilled in the art in practicing the claimedinvention, from a study of the drawings, the disclosure, and theappended claims. In the claims, the word “comprising” does not excludeother elements or steps, and the indefinite article “a” or “an” does notexclude a plurality. A single processor or other unit may fulfil thefunctions of several items recited in the claims. The mere fact thatcertain measures are recited in mutually different dependent claims doesnot indicate that a combination of these measured cannot be used toadvantage. A computer program may be stored/distributed on a suitablemedium, such as an optical storage medium or a solid-state mediumsupplied together with or as part of other hardware, but may also bedistributed in other forms, such as via the Internet or other wired orwireless telecommunication systems. Any reference signs in the claimsshould not be construed as limiting the scope thereof.

1. A method of establishing a signalling connection between a remoteUser Equipment, UE, and a telecommunication network via a relay capableUE, wherein said relay capable UE has established user planeconnectivity to an intermediate node comprised by said telecommunicationnetwork and is arranged for supporting establishment of said connectionfor said remote UE, said method comprising: receiving a registrationmessage over said user plane forwarded by said relay capable UE andoriginating from said remote UE for registering said remote UE to saidtelecommunication network; forwarding said registration message to aMobility Management Function comprised by said telecommunicationnetwork; receiving a registration accept message from said MobilityManagement Function for accepting registration of said remote UE to saidtelecommunication network, and forwarding said registration acceptmessage to said remote UE via said relay capable UE.
 2. A methodaccording to claim 1, wherein said registration message comprises anidentification of an identity of said remote UE, wherein said methodfurther comprises: translating said identification of said identity ofsaid remote UE to said identity of said remote UE and inserting saididentity of said remote UE into said registration message to beforwarded to said Mobility Management Function.
 3. A method according toclaim 1 wherein said method comprises: establishing a secure connectionbetween said remote UE and said intermediate node over said relaycapable UE.
 4. A method according to claim 1 wherein said methodcomprises: receiving, by said remote UE, from said relay capable UE, atracking area identification for indicating a tracking area of saidrelay capable UE; inserting, by said remote UE, said tracking areaidentification in said registration message.
 5. A method according toclaim 1, wherein said method further comprises the step of: conveyingsubsequent signalling messages between said remote UE and said MobilityManagement Function using said established signalling connection bytransmitting said subsequent signalling messages over a control planebetween said relay capable UE and said Mobility Management Function. 6.An intermediate node arranged for supporting establishment of asignalling connection between a remote UE and a telecommunicationnetwork via a relay capable UE, wherein said intermediate node isarranged for having user plane connectivity between said relay capableUE and said intermediate node, said intermediate node comprising: areceiver; a transmitter; at least one processor configured to use saidreceiver for receiving a registration message over a user plane, whichregistration message is forwarded by said relay capable UE andoriginating from said remote UE for registering said remote UE to saidtelecommunication network; use said transmitter for forwarding saidregistration message to a Mobility Management Function comprised by saidtelecommunication network; use said receiver for receiving aregistration accept message from said mobility Management Function foraccepting registration of said remote UE to said telecommunicationnetwork, and use said transmitter for forwarding said registrationaccept message to said remote UE via said relay capable UE.
 7. Anintermediate node in accordance with claim 6, wherein said registrationmessage comprises an identification of an identity of said remote UE,wherein said at least one processor is further arranged for translatingsaid identification of said identity of said remote UE to said identityof said remote UE, and for inserting said identity of said remote UE insaid registration message to be forwarded to said Mobility ManagementFunction.
 8. An intermediate node in accordance with claim 6, whereinsaid at least one processor is further arranged for establishing asecure connection between said remote UE and said intermediate node oversaid relay capable UE.
 9. A remote User Equipment, UE, arranged forestablishing a signalling connection to a telecommunication network viaa relay capable UE, said remote UE comprising: a receiver; atransmitter; at least one processor configured to discover said relaycapable UE and to establish a direct connection to said relay capableUE; use said transmitter for transmitting a registration message to saidintermediate node, via said relay capable UE, for registering saidremote UE in said telecommunication network; use said receiver forreceiving an registration accept message for accepting registration ofsaid remote UE to said telecommunication network.
 10. A remote UE inaccordance with claim 9, wherein said at least one processor is furtherconfigured to insert, in said registration message, an identification ofsaid identity of said remote UE, which identification translates to anidentity of said remote UE.
 11. A remote UE in accordance with claim 9,wherein said at least one processor is further configured forestablishing a secure connection between said remote UE and saidintermediate node over said relay capable UE.
 12. A remote UE inaccordance with claim 9 wherein said at least one processor is furtherconfigured to use said receiver for receiving, from said relay capableUE, a tracking area identification for indicating a tracking area ofsaid relay capable UE, and insert said tracking area identification insaid registration message.
 13. A relay capable User Equipment, UE, foracting as a relay for a remote UE towards a telecommunication network,said relay capable UE comprising: a receiver; a transmitter; at leastone processor configured to establish a direct connection to said remoteUE; use said receiver for receiving a signalling message from saidremote UE, wherein said signalling message is intended for a MobilityManagement Function comprised by said telecommunication network;determine that said signalling message is to be transmitted to anintermediate node in said telecommunication network over a user planeassociated with said relay capable UE; use said transmitter fortransmitting said signalling message over said user plane to saidintermediate node.
 14. A non-transitory computer-readable storagemedium, comprising instructions which, when executed on at least oneprocessor, cause the at least one processor to carry out the methodaccording to any of the claim
 1. 15. A telecommunication network forsupporting establishment of a direct connection between a remote UserEquipment, UE, and said telecommunication network via a relay capableUE, wherein said relay capable UE has established user planeconnectivity to an intermediate node comprised by said telecommunicationnetwork and is arranged for supporting establishment of said directconnection for said remote UE, said telecommunication network comprisingan intermediate node in accordance with claim 6.